A new ransomware group called FunkSec has claimed over 80 victims in just one month. This is more than any other threat actor in December. The group emerged late last year.
It likely consists of inexperienced hackers seeking visibility and recognition. Many of the group’s leaked datasets are recycled from previous hacktivism campaigns. This raises doubts about the authenticity of their disclosures.
FunkSec demands unusually low ransoms from its victims. Sometimes as little as $10,000. The victims are mostly based in the U.S., India, Italy, Brazil, Israel, Spain, and Mongolia.
FunkSec sells stolen data to third parties at reduced prices. The victims listed on its website include a travel booking company, an energy management service, and a company that sells household appliances. None of them have publicly confirmed the alleged attacks.
The latest version of the group’s ransomware is named FunkSec V1. It was uploaded from Algeria, likely by its creator.
FunkSec’s varied ransomware motives
The malware contains elements that appear to have been created with the help of artificial intelligence. Researchers noted the developer likely used AI to quickly develop and improve the tool. This supplements their apparent lack of technical expertise.
For example, AI was likely used to write code comments in perfect English. This contrasts with the very basic English used on the group’s other platforms. FunkSec also released an AI chatbot to support its operations.
FunkSec’s true motivations are unclear. Its activities align with both hacktivism and cybercrime. In addition to ransomware, the group offers tools commonly associated with hacktivist activities.
These include services for distributed denial-of-service attacks, remote desktop management, and password generation. Some of the group’s members previously engaged in hacktivist activities. They also claim to target India and the U.S. They align themselves with the “Free Palestine” movement.
They attempt to associate with now-defunct hacktivist entities like Ghost Algeria and Cyb3r Fl00d. These associations likely represent attempts to boost FunkSec’s credibility by aligning with well-known names. They do not indicate direct membership or collaboration.
Rashan is a seasoned technology journalist and visionary leader serving as the Editor-in-Chief of DevX.com, a leading online publication focused on software development, programming languages, and emerging technologies. With his deep expertise in the tech industry and her passion for empowering developers, Rashan has transformed DevX.com into a vibrant hub of knowledge and innovation. Reach out to Rashan at [email protected]
